Flaw in Industrial Computer Maker’s UEFI Apps Enables Secure Boot Bypass on Many Devices
securityweek
Vulnerable UEFI firmware applications from DTResearch, a company that makes rugged tablets, laptops and other industrial computers, can be leveraged to bypass Secure Boot on many devices.
The vulnerability, tracked as CVE-2025-3052, was disclosed on Tuesday by CERT/CC and Binarly, the firmware security firm whose researchers discovered the issue.
Binarly researchers found that two UEFI applications made by DTResearch and signed with Microsoft’s third-party UEFI certificate are affected by a vulnerability that can be exploited using specially crafted NVRAM variables, which store configuration, device customization, and runtime context data that needs to persist across reboots of the device.
An attacker who has access to the targeted system can exploit CVE-2025-3052 — through a Bring Your Own Vulnerable Driver (BYOVD) attack — to modify a specific NVRAM variable that enables a bypass of Secure Boot during the boot process.
Secure Boot is a security feature that protects the boot process by ...
Copyright of this story solely belongs to securityweek . To see the full text click HERE